encryption algorithm

A formula used to turn ordinary data, or "plaintext," into a secret coded message known as "ciphertext." The ciphertext can reside in storage or travel over unsecure networks without its contents being divulged to unauthorized people.

Also known as a "cipher," each algorithm uses a randomly generated string of bits known as a "key" to perform the calculations. The larger the key (the more bits), the greater the number of potential patterns can be created, thus making it harder to break the code and decrypt the contents.

Most encryption algorithms use the block cipher method, which codes fixed blocks of input. Others use the stream method, which encrypts one bit at a time. See mode of operation, cryptography, security protocol, stream cipher, block cipher and algorithm.

Algorithm Choices

Excerpted from a ScramDisk dialog, which was an application that encrypted files on the hard drive, this shows a selection of algorithms. "Mouse entropy" is the amount of randomness introduced into the creation of the key. The more the mouse is jiggled, the more randomness. Following are excerpts from the program's documentation, which provide a brief summary of secret key algorithms.

3DES
This is far better than DES; it uses three applications of the DES cipher in EDE (Encipher-Decipher-Encipher) mode with totally independent keys. Outer-CBC is used. This algorithm is thought to be very secure (major banks use it to protect valuable transactions), but it is also very, very slow.

Blowfish
Blowfish is a high security encryption alogorithm designed by Bruce Schneier, the author of Applied Cryptography and owner of the company Counterpane. It is very fast, is considered secure and is resistant to linear and differential analysis. This is my personal cipher of choice.

DES
Data Encryption Standard was designed in the early 1970s by IBM with input from NSA. It is OK, but a single key can be broken in three days by the Electronic Frontier Foundation, a poorly funded organization. This algorithm was provided for completeness.

IDEA
International Data Encryption Algorithm was produced by Xuejia Lai and James Massey. It is fairly fast, is considered secure, and it is also resistant to both linear and differential analysis. To use this for anything other than personal use, a royalty must be paid to Ascom-Systec Ltd.

Misty1
Misty1 was designed by M. Matsui of Mitsubishi. It is a reasonably fast cipher that is resistant to both linear and differential analysis. It is fairly new though, so use it with caution.

Square
Square is a very fast and reasonably secure block cipher produced by John Daemen and Vincent Rijmen. It hasn't been subject to as much peer review as Blowfish, 3DES, IDEA, etc., so it may be susceptible to attacks.

Summer
This is a proprietary stream cipher constructed by the author and is designed for speed alone. It is supplied for backward compatibility with Version 1 of ScramDisk and is not recommended for use on newly created disks. Instead, use TEA or Blowfish, which are both reasonably fast.

TEA
Tiny Encryption Algorithm is a very fast and moderately secure cipher produced by David Wheeler and Roger Needham of Cambridge Computer Laboratory. There is a known weakness in the key schedule, so it is not recommended if utmost security is required. TEA is provided in 16 and 32 round versions. The more rounds (iterations), the more secure, but slower.

 Block KeyEncryption Size SizeType Author Bits Bits Time** 3DES Diffie-Hellman 64 168 4:05 Blowfish Schneier 64 256 0:55 DES IBM-NSA 64 56 1:42 IDEA Lai-Massey 64 128 1:07 Misty1 Matsui 64 128 2:50 Square Daemon-Rijmen 128 128 0:39 Summer Aman (stream) 128 0:46 TEA 16 Wheeler-Needham 64 128 0:46 TEA 32 Wheeler-Needham 64 128 1:03 **Minutes/seconds to encrypt a 50MB file. Although times are based on an older 166 MHz Pentium, the list serves as an algorithm speed comparison.